MultiOTP with freeradius wrong

Question

I running freeradius 3.* on my server with The MultiOTP Version is 4.3.1.1 and for configuring FreeRADIUS I have used this guide: http://wiki.freeradius.org/guide/multiOTP-HOWTO and when I use radiusd -X the worng is just like this

whith my policy.conf

root@debian:~# cat /usr/local/etc/raddb/policy.d/policy.conf
policy {
    # Change to a specific prefix if you want to deal with normal PAP authentication as well as OTP
    # e.g. "multiotp_prefix = 'otp:'"
    multiotp_prefix = ''
    multiotp.authorize {
       # This test is for decimal OTP code only, otherwise you will have to change it
       # Try for example this simple test: if (!control:Auth-Type) {
        if (control:Auth-Type == 'MS-CHAP') {
              update control {
                      Auth-Type := multiotpmschap
              }
        }
        elsif (!control:Auth-Type && User-Password =~ /^${policy.multiotp_prefix}([0-9]{10})$/) {
            update control {
                Auth-Type := multiotp
            }
        }
    }
}

I find more any documents and wiki but it don't work. So I want konw what is wrong with it.

score 1 · Answer 1 · answered Jun 06 '17 at 13:15

1

change

 if (control:Auth-Type == 'MS-CHAP') {

to

 if (control:Auth-Type == MS-CHAP) {

answered Jun 06 '17 at 13:15

Krzysztof Stasiak

798
5
18

despite the HOWTO explicitly having the quotes? – Jeff Schaller Jun 06 '17 at 13:34
In your screen is marked that there is an problem, i think HOWTO is for older version of freeradius, where it works. – Krzysztof Stasiak Jun 07 '17 at 07:29
thank it work but the other miss like this `/usr/local/etc/raddb/policy.d/policy.conf[13]: Reference "${policy.multiotp_prefix}" not found /usr/local/etc/raddb/policy.d/policy.conf[13]: Parse error expanding ${...} in condition Errors reading or parsing /usr/local/etc/raddb/radiusd.conf ` so waht can it do work and how can i find the newest wiki to use and i want it to use for window AD. – zore lu Jun 09 '17 at 01:06
Did you create modules for multiotp and multiotpmschap as in wiki [link](https://wiki.freeradius.org/guide/multiOTP-HOWTO#freeradius-3-x-x)? Whitch version of freeradius you have? – Krzysztof Stasiak Jun 09 '17 at 06:38
i have freeradius 3 and i already create modules for multiotp and multiotpmschap in mod-sites-available and sites-enabled. – zore lu Jun 10 '17 at 07:53
maybe change `${policy.multiotp_prefix}` to `${multiotp_prefix}` or `${policy:multiotp_prefix}`... but I'm not sure. – Krzysztof Stasiak Jun 11 '17 at 09:39
1

Thank you but i try but it's till no work .so i try other open source like this privacyidea .and now i succeed work otp with it . so i think the MultiOTP is less wiki. – zore lu Jun 14 '17 at 06:32

MultiOTP with freeradius wrong

1 Answers1